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AMENDMENTS TO THE SPECIFICATION 
Please replace paragraphs 0037, 0038, 0042, 0045, and 0047 currently in the 
Specification with the following corresponding paragraphs: 

[0037] As shown in Fig. 1, OS environment 100 may comprise one or more zones (also 
referred to herein as partitions), including a global zone 130 and zero or more non-global 
zones 140 (e.g. non-global zone 140(a) and 140(b)) . The global zone 130 is the general OS 
environment that is created when the OS is booted and executed, and serves as the default 
zone in which processes may be executed if no non-global zones 140 are created. In the 
global zone 130, administrators and/or processes having the proper rights and privileges can 
perform generally any task and access any device/resource that is available on the computer 
system on which the OS is run. Thus, in the global zone 130, an administrator can administer 
the entire computer system. In one embodiment, it is in the global zone 130 that an 
administrator executes processes to configure and to manage the non- global zones 140. 
[0038] The non-global zones 140 represent separate and distinct partitions of the OS 
environment 100. One of the purposes of the non-global zones 140 is to provide isolation. 
In one embodiment, a non-global zone 140 can be used to isolate a number of entities, 
including but not limited to processes executing in application environment 190 (e.g. 
application environment 190(a) and 190(b)) , one or more file systems 180 (e.g. file system 
180(a) and 180(b)) , and one or more logical network interfaces 182 (e.g. logical network 
interface 182(a) and 182(b)) . Because of this isolation, processes executing in application 
environment 190 in one non-global zone 140 cannot access or affect processes in any other 
zone. Similarly, processes executing in application environment 190 in a non-global zone 
140 cannot access or affect the file system 180 of another zone, nor can they access or affect 
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the network interface 182 of another zone. As a result, the processes 190 in a non-global 
zone 140 are limited to accessing and affecting the processes and entities in that zone. 
Isolated in this manner, each non-global zone 140 behaves like a virtual standalone 
computer. While processes executing in application environment 190 in different non-global 
zones 140 cannot access or affect each other, it should be noted that they may be able to 
communicate with each other via a network connection through their respective logical 
network interfaces 182. This is similar to how processes on separate standalone computers 
communicate with each other. ^ - w *" 

[0042] In one embodiment, enforcement of the zone boundaries is carried out by the 
kernel 150. More specifically, it is the kernel 150 that ensures that processes executing in 
application environment 190 in one non-global zone 140 are not able to access or affect 
processes executing in application environment 190, file systems 180, and network interfaces 
182 of another zone (non-global or global). In addition to enforcing the zone boundaries, 
kernel 150 also provides a number of other services. These services include but are certainly 
not limited to mapping the network interfaces 182 of the non-global zones 140 to the 
physical network devices 120 (e.g. physical network devices 120(1 VI 20(n)) of the computer 
system, and mapping the file systems 180 of the non-global zones 140 to an overall file 
system and a physical storage 1 10 of the computer system. The operation of the kernel 150 
will be discussed in greater detail in a later section. 

[0045] To put an Installed zone into the Ready state, a global administrator invokes an 
operating system utility (in one embodiment, zoneadm(lm) again), which causes a zoneadmd 
process 162 (e.g. zoneadmd process 162(a) and 162(b)) to be started (there is a zoneadmd 
process associated with each non-global zone). In one embodiment, zoneadmd 162 runs 
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within the global zone 130 and is responsible for managing its associated non-global zone 
140. After zoneadmd 162 is started, it interacts with the kernel 150 to establish the non- 
global zone 140. In creating a non-global zone 140, a number of operations are performed, 
including but not limited to assigning a zone ID, starting a zsched process 164 (e.g. zsched 
process 164(a) and 164(b)) (zsched is a kernel process; however, it runs within the non- 
global zone 140, and is used to track kernel resources associated with the non-global zone 
140), mounting file systems 180, plumbing network interfaces 182, configuring devices, and 
setting resource controls. These and other operations put the non-global zone 140 into the 
Ready state to prepare it for normal operation. 

[0047] After a non-global zone 140 is in the Ready state, it can be transitioned into the 
Running state by executing one or more user processes in the zone. In one embodiment, this 
is done by having zoneadmd 162 start an init process 172 (e.g. init process 172(a) and 
172(b)) in its associated zone. Once started, the init process 172 looks in the file system 180 
of the non- global zone 140 to determine what applications to run. The init process 172 then 
executes those applications to give rise to one or more other processes 174. In this manner, 
an application environment is initiated on the virtual platform of the non- global zone 140. In 
this application environment, all processes executing in application environment 190 are 
confined to the non-global zone 140; thus, they cannot access or affect processes, file 
systems, or network interfaces in other zones. The application environment exists so long as 
one or more user processes are executing within the non-global zone 140. 
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